Vanderbilt makes its foray into cloud access control

July 7, 2017
Company's CEO discusses upcoming launch of ACT365

Renowned for their ability to provide customized, enterprise-class access control management through their Security Management System (SMS) platform, Vanderbilt has sought to diversify its product offerings in recent years by acquiring several European-based companies, including Siemens Security Products and Access Control Technology (ACT) Ltd. in 2015 and 2016 respectively.

These acquisitions not only expanded the company’s global footprint and research and development capabilities, but also enabled them to offer an end-to-end security system consisting of video surveillance, access control and intrusion detection solutions. While the bulk of the product offerings acquired through these purchases are still only available to Vanderbilt’s European customers, the company is getting ready to roll out a new cloud access control service to clients in the U.S. called ACT365.

According to Vanderbilt CEO Joseph Grillo, one of the things that made ACT such an attractive acquisition target was the fact that they already had a fully built cloud solution which could help get his company into the cloud space much quicker than having to create one organically.

“Seeing some of the trends in the whole IT landscape and some of what we saw in the marketplace for cloud access, along with the success we’ve had with our cloud-based intrusion product called SPC Connect in Europe, we thought that it would be a significant advantage to acquire that technology because it had not been started to be developed internally when Siemens owned the business,” Grillo explains.

Given the number of companies that have moved into the cloud access segment of the market in recent years, Grillo believes it was imperative for Vanderbilt to be able to have a competitive offering in the space or risk losing out on one of the largest growing segments of the market. A report published in late 2014 by market research firm IHS predicted that the global market size for Access Control-as-a-Service (ACaaS), which consists of both cloud-based hosted and managed solutions, would top $530 million by 2018 and $1.8 billion by 2025.

ACT365, which will make its official U.S. debut at ASIS 2017 later this year, is currently being piloted in several applications. The benefits of cloud access control, such as being able to manage multiple sites remotely, reduced infrastructure costs, changing security from a capital expenditure to an operational expenditure, and the ability to scale the system as needed, continue to make it attractive to a wide array of end-users.     

“The acceptance (of cloud) is there as more businesses experience it. Many companies have already used things like Salesforce as a CRM tool as well other types of products. I think it depends on the application and the end-user. Very large enterprise-type users will probably still feel more comfortable with their access control/security management system residing on the corporate network because they have a lot of investment and confidence in the security,” Grillo says.

Grillo says cloud solutions like ACT365 are ideal for small and mid-sized enterprises (SMEs), many of whom would like to adopt more comprehensive security solutions into their operations but simply lack the resources.

“SMEs don’t have an IT department and their ability to operate a system, get upgrades and not worry about servers, IT connectivity and compatibility, and reliability is an advantage,” he says. “Systems nowadays work with mobile apps. You can look at video of your site, open a door remotely and all of these things can be done without having to worry about managing the infrastructure associated with providing these capabilities.”

Of course, one of the greatest fears surrounding the deployment of not only cloud systems but IP-enabled security devices in general for companies today is their vulnerability to hackers. The ability of cyber criminals to leverage security products to both launch attacks or use them as entry points to the larger network have been well-documented. For example, last year’s Mirai botnet distributed denial of service (DDoS) attack leveraged thousands of IP surveillance cameras in order to take down several large websites. However, Grillo says cybersecurity is a primary consideration in all of the products Vanderbilt builds and ACT365 is no exception.

“All of us manufacturers need to make sure we test our products for security vulnerabilities. I think if you use one of the larger, more sophisticated cloud service providers, such as Amazon, Microsoft or what have you, you have a pretty fair confidence that they are also spending a lot of time and money investing to make sure their ability to service your system or product is robust, highly secure and backed up, redundant, and all of those things,” he adds. “You have to do it with your own product locally and then find the right service provider. There’s no 100 percent guarantee that there won’t be attacks but you have a high-level of confidence that if you do test your products and use a good service provider, you minimize the risks to yourself and your customers.”

And though ACT365 also includes a video integration component, Grillo says that capability is only currently available in Europe. SPC Connect will also remain a European only solution for now.

“We also acquired with ACT a video capability – video control unit or VCU – that is s fully integrated into all of ACT’s product lines and we’re in the process of test marketing and beta testing the cloud-based video solution in Europe, but that will also follow the access control product into the U.S. market at a later date,” Grillo says. 

About the Author: 

Joel Griffin is the Editor-in-Chief of and a veteran security journalist. You can reach him at